Differential Privacy & Machine Learning
Developing privacy-preserving machine learning algorithms with rigorous differential privacy (DP) guarantees, including DP-SGD optimization, private SVMs, and synthetic data generation.
Overview
Differential Privacy (DP) provides a rigorous mathematical framework for protecting individual data points in machine learning pipelines. Our research addresses fundamental challenges in making deep learning models both accurate and privacy-preserving.
Key Directions
DP-SGD Optimization: We study how sharpness-aware minimization and other advanced optimizers interact with DP-SGD, finding that flat minima improve generalization under privacy constraints (DPSAT, ICML 2023).
Private SVMs: We design computationally efficient DP kernel SVMs that scale to multi-class settings without sacrificing utility (Information Sciences 2023; NeurIPS 2025).
Synthetic Data for DP Training: We leverage diffusion models to generate in-distribution public data, enabling stronger DP-SGD training without additional private data collection (CVPR 2024).
Privacy in LLMs & RAG: We investigate membership inference attacks on retrieval-augmented generation systems and develop defenses (EMNLP Findings 2025).
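To make the DP-SGD mechanism named in the first direction concrete, here is an added example (not code from this group's DPSAT work or any of the papers listed above) of the two operations that give DP-SGD its guarantee: clipping each example's gradient to a fixed L2 norm so that no single record can move the update by more than that bound, then adding Gaussian noise scaled to that bound before averaging. The model (logistic regression), the toy dataset, and the hyperparameter values are all constructed for illustration; privacy accounting (turning the noise multiplier and number of steps into an epsilon) is a separate step and is not implemented here.

```python
import numpy as np

# Added illustration of the DP-SGD update (per-example clipping + Gaussian
# noise) on logistic regression. Toy data and parameters are constructed;
# this is not the page's own code and does no epsilon accounting.


def per_example_gradients(w, X, y):
    """Gradient of the logistic loss for each example separately, shape (n, d).

    Standard SGD would average these first; DP-SGD must keep them separate
    so each example's contribution can be bounded before aggregation.
    """
    p = 1.0 / (1.0 + np.exp(-(X @ w)))
    return (p - y)[:, None] * X


def clip_rows(G, clip_norm):
    """Scale each row so its L2 norm is at most clip_norm.

    This bounds the sensitivity of the summed gradient to any one record.
    """
    norms = np.linalg.norm(G, axis=1, keepdims=True)
    return G / np.maximum(1.0, norms / clip_norm)


def dp_sgd_step(w, X, y, clip_norm, noise_multiplier, lr, rng):
    """One DP-SGD update on the minibatch (X, y).

    Noise std is noise_multiplier * clip_norm, i.e. proportional to the
    sensitivity bound established by clipping. noise_multiplier=0 recovers
    ordinary (clipped) SGD.
    """
    G_clipped = clip_rows(per_example_gradients(w, X, y), clip_norm)
    noise = rng.normal(0.0, noise_multiplier * clip_norm, size=w.shape)
    noisy_mean = (G_clipped.sum(axis=0) + noise) / len(X)
    return w - lr * noisy_mean


def make_toy_data(n=200, d=5, seed=0):
    """Constructed, nearly linearly separable binary classification data."""
    rng = np.random.default_rng(seed)
    X = rng.normal(size=(n, d))
    w_true = rng.normal(size=d)
    y = (X @ w_true + 0.1 * rng.normal(size=n) > 0).astype(float)
    return X, y


def train(noise_multiplier=1.0, clip_norm=1.0, lr=0.5, steps=200, batch=50, seed=1):
    """Train with DP-SGD on the toy data; returns (weights, training accuracy)."""
    X, y = make_toy_data()
    rng = np.random.default_rng(seed)
    w = np.zeros(X.shape[1])
    for _ in range(steps):
        idx = rng.choice(len(X), size=batch, replace=False)
        w = dp_sgd_step(w, X[idx], y[idx], clip_norm, noise_multiplier, lr, rng)
    acc = float(np.mean(((X @ w) > 0) == (y > 0.5)))
    return w, acc


if __name__ == "__main__":
    for nm in (0.0, 1.0):
        _, acc = train(noise_multiplier=nm)
        print(f"noise_multiplier={nm}: training accuracy {acc:.3f}")
```

The clip norm and noise multiplier are the knobs that trade utility for privacy: a larger multiplier buys a smaller epsilon for the same number of steps but adds more noise to every update, which is exactly the regime in which the choice of optimizer (the DPSAT question above) starts to matter.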